18 matches found
SUSE SLES12 Security Update : curl (SUSE-SU-2026:0066-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0066-1 advisory. - CVE-2025-14524: Fixed bearer token leak on cross-protocol redirect (bsc#1255731) - CVE-2025-15079: Fixed unknown host connection acceptance when...
SUSE-SU-2026:0066-1 Security update for curl
This update for curl fixes the following issues: - CVE-2025-14524: Fixed bearer token leak on cross-protocol redirect (bsc#1255731) - CVE-2025-15079: Fixed unknown host connection acceptance when set in the global knownhostsfile (bsc#1255733) - CVE-2025-14819: Fixed issue where alteration of...
CVE-2024-38865
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 (EOL) allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...
UBUNTU-CVE-2024-38865
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 (EOL) allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...
PT-2025-15924 · Checkmk · Checkmk
Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.2.0p39; Checkmk versions prior to 2.3.0p25; Checkmk versions prior to 2.1.0p51. Description: The issue is related to improper neutralization of livestatus command delimiters in a specific endpoint within the RestAPI o...
Malicious code in tensorfioi (PyPI)
This package is considered malicious because it communicates with an unknown host via a Telegram channel...
MAL-2024-1548 Malicious code in tensorfioi (PyPI)
This package is considered malicious because it communicates with an unknown host via a Telegram channel...
MAL-2024-1546 Malicious code in Nasrtox (PyPI)
This package is considered malicious because it communicates with an unknown host via a Telegram channel...
MAL-2024-1545 Malicious code in Costrar (PyPI)
This package is considered malicious because it communicates with an unknown host via a Telegram channel...
Malicious code in Costrar (PyPI)
This package is considered malicious because it communicates with an unknown host via a Telegram channel...
Malicious code in Nasrtox (PyPI)
This package is considered malicious because it communicates with an unknown host via a Telegram channel...
DNS Resolution through NetScaler Fails with Unknown Host Error
DNS resolution for FQDN fails and following error is received when pinging FQDN from NetScaler: VPX-190 ping www.citrix.com ping: cannot resolve www.citrix.com: Unknown host ERROR:...
Open redirect
An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack...
Open redirect
An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack...
CVE-2022-44717
An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack...
OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS
No description provided by source. cve-2009-1378.c: OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS. Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 In dtls1_process_out_of_seq_message the check if the...
PT-2007-6975 · Oracle · Javamail
Name of the Vulnerable Software and Affected Versions: Javamail, affected versions not specified. Description: The issue arises when Javamail fails to properly handle a series of invalid login attempts where the same e-mail address is used as both the username and password. Specifically, if the...
IBM WebSphere Widespread configuration JSP disclosure
Release Date: 04/13/2005. Severity: High. Systems Affected: IBM WebSphere Application 6 and prior. Description: The practice of sharing the document root of the app server within the document root of the web server creates a security exposure that...